What is claimed:

1. A method of managing reliance in an electronic 
transaction system, the method comprising the steps of: 

(A) a certification authority issuing electronic signals 
representing a primary certificate to a subscriber; 

(B) forwarding, from the certification authority to a
reliance server, electronic signals representing information about the 
issued primary certificate; 

(C) the reliance server maintaining the forwarded 
information about issued primary certificate; 

(D) the subscriber forming a transaction and then 
providing electronic signals representing the transaction to a relying 
party, the transaction including electronic signals representing the 
primary certificate; 

(E) the relying party sending to the reliance server 
electronic signals representing a request for assurance based on the 
transaction received from the subscriber;

(F) the reliance server determining whether to provide the 
requested assurance, said determining based on the information about 
the issued primary certificate and on the requested assurance; and, based
on said determining,

(G) the reliance server issuing to the relying party
electronic signals representing a secondary certificate providing the
assurance to the relying party.



2. A method as in claim 1 wherein the primary certificate
specifies a reliance limit and wherein the information forwarded by the
certification authority to the reliance server includes electronic signals
representing assurance parameters controlling whether the reliance 
server can provide assurance based on the primary certificate. 



3. A method as in claim 2 wherein the assurance
parameters include electronic signals representing an acceptable reliance
limit in excess of the reliance limit specified in the primary certificate,
and wherein the request for assurance is a request for reliance on a value
in excess of the specified reliance limit, wherein the step (F) of the
reliance server determining whether to provide the requested assurance
comprises the step of:

(F1) determining whether the requested reliance would
exceed the acceptable reliance limit.



4. A method as in claim 3 further comprising the step of:

(H) the reliance server tracking cumulative liability
associated with the primary certificate, and
wherein the step (F1) of determining comprises the step of:

(F2) determining whether the requested reliance would cause
the cumulative liability to exceed the acceptable reliance limit.



5. A method as in claim 2 wherein the requested
assurance is for the accuracy of another certificate, and wherein step (F)
further comprises the step of:

(F1) the reliance server checking the current validity and
authenticity of the other certificate; and wherein the step (G) of issuing
comprises the step of:

(G1) the reliance server issuing electronic signals
representing the secondary certificate attesting to the accuracy of the
other certificate.

6. A method as in claim 5 wherein the step (F1) of
checking comprises the steps of:

verifying the other certificate's digital signature along a
chain of certificates, and

checking whether the requested assurance is within the
assurance parameters.

7. A method as in claim 2 wherein the requested
assurance is for the authenticity of another certificate, and wherein step
(F) further comprises the step of:

(F1) the reliance server checking authenticity of the other
certificate; and wherein the step (G) of issuing comprises the step of:

(G1) the reliance server issuing electronic signals
representing the secondary certificate attesting to the authenticity of the
other certificate.




8. A method [...] wherein the step (F1) of
checking comprises the steps of:

verifying the other certificate's digital signature along a
chain of certificates, and

checking whether the requested assurance is within the
assurance parameters.

9. A method as in claim 2 wherein the requested
assurance is for the validity of another certificate, and wherein step (F)
further comprises the step of:

(F1) the reliance server checking the current validity of the
other certificate;

and wherein the step (G) of issuing comprises

(G1) the reliance server issuing electronic signals
representing the secondary certificate attesting to the validity of the
other certificate.



10. A method as in claim 9 wherein the step (F1) of
checking comprises the steps of:

determining whether the other certificate has been
suspended, revoked, or has expired, and

checking whether the requested assurance is within the
assurance parameters.



11. A method as in claim 2 wherein the requested
assurance is for assurance of an agent's authority
and wherein step (F) further comprises the step of:

the reliance server returning electronic signals representing
documentation of agency with an enveloping secondary certificate
attesting to authenticity.



12. A method as in claim 11 wherein the documentation of
agency includes a power of attorney.



13. A method as in claim 2 wherein the requested
assurance is for assurance of a person's accreditation
and wherein step (F) further comprises the step of:

the reliance server returning a statement by a licensing or
professional body regarding the person's accreditation, with electronic
signals representing an enveloping secondary certificate attesting to the
statement's authenticity.

14. A method as in claim 2 wherein the requested
assurance is for assurance of existence and/or good standing of entity
and wherein step (F) further comprises the step of

the reliance server returning electronic signals representing a
statement by a public office in which the entity is incorporated
indicating that the entity exists, is in good standing, and is qualified to
conduct business, wherein statement is enclosed in the secondary
certificate attesting to the statement's authenticity.



15. A method as in claim 2 wherein the requested
assurance is for assurance of the performance of an obligation and
wherein step (F) further comprises the step of:

the reliance server issuing electronic signals representing a
statement of assurance of payment, wherein statement is enclosed in the
secondary certificate attesting to the statement's authenticity.

16. A method as in claim 1 further comprising the steps
of:

(I) the reliance server and the relying party entering into a
contract prior to the reliance server issuing the secondary certificate.



17. A method as in claim 16 wherein the contract is
entered into after the relying party makes its request.

18. A method as in claim 2 wherein the transaction
includes electronic signals representing a digital signature and wherein
the assurance parameters include electronic signals representing a
maximum supplemental assurance that can be issued for a particular
digital signature.



19. A method as in claim 2 wherein the assurance
parameters include electronic signals representing at least one of:

a maximum supplemental assurance that can be issued in a
single secondary certificate;

a maximum supplemental assurance that can be issued to
any particular relying party;

a maximum supplemental assurance that can be issued
during one or more specified time intervals;

a maximum number of secondary certificates that can be
issued on the primary certificate;

a maximum time period during which a secondary certificate
may remain valid;

a maximum reliance limit that can be listed in a secondary
certificate valid for a specified transaction type;

specific information that must be submitted by the relying
party along with its request in order to provide a basis for the
supplemental assurance;

an amount of supplemental assurance that the subscriber has
prepaid and restrictions on how the prepaid assurance can be issued in a
secondary certificate;

a requirement that the subscriber approve issuance of
supplemental assurance by the reliance server for a secondary certificate
to be issued to the relying party before the relying party's request for a
secondary certificate can be granted;

thresholds which trigger a report being sent from the
reliance server to the certification authority;

how often the reliance server should report to the
certification authority about the extent of supplemental assurance issued
on the primary certificate;

signals representing restrictions limiting disclosure of or
access to the primary certificate to specified parties;

requirements that the transaction be signed by additional
parties besides the subscriber, optionally specify who those additional
parties are and what number of them must sign;

a scale of the amount of supplemental assurance that can be
issued based on the number and identity of additional parties that sign;
and

information regarding the validity of the primary certificate.

20. A method as in c 
parameter can be restricted to a p; 


21. A method as in claim 20 wherein the particular time
period is the entire period during which the primary certificate is valid.




22. A method as in claim 19 wherein the specific
information includes electronic signals representing some of a specific
class of certificate that has been promised to the relying party,
specification of a transaction type and a second signature.



23. An electronic transaction system comprising: 
a certification authority issuing electronic signals 
representing primary certificates to subscribers to the system; and 



a reliance server connectable to the certification authority
and receiving from the certification authority electronic signals
representing information regarding the primary certificates issued by the
certification authority, the reliance server issuing, upon request from
relying parties, electronic signals representing secondary certificates to
the relying parties, the issuing being based on the information provided
by the certification authority and on information provided by the relying
parties.



24. A system as in claim 23 further comprising:

at least one other party connectable to the reliance server,
wherein the reliance server provides electronic signals representing
the secondary certificate to the other party prior to issuing the electronic
signals representing the secondary certificate to the relying party.

25. A system as in claim 23 wherein the reliance server
digitally signs the secondary certificate prior to issuing it to the relying
party.



26. In an electronic transaction system in which a
certification authority issues electronic signals representing digital
certificates to subscribers, a method of automatic replacement of a
subscriber's certificate, the method comprising the steps of, by a
subscriber:

(A) creating a standby application for certification of a
new key pair;

(B) digitally signing the standby application with a private
key and then destroying the private key;

(C) including electronic signals representing the public
key corresponding to the private key in a transactional certificate valid
only for the standby application and forwarding the transactional
certificate to the certification authority; and, by the certification
authority,

(D) keeping electronic signals representing the
transactional certificate; and subsequently,

(E) the subscriber sending electronic signals representing
the standby application to the certification authority;

(F) the certification authority verifying the digital
signature on the application by reference to the transactional certificate;
and then

(G) issuing electronic signals representing a new time-
based certificate listing the public key indicated in the standby
application.

27. A method of managing reliance in an electronic
transaction system in which subscribers have digital time-based
certificates issued by certification authorities, the method comprising the
steps of, by a relying party:

receiving electronic signals representing a transaction from a
subscriber, the transaction including information regarding at least one
time-based certificate of that subscriber;

creating a message based on certificate information from the
transaction, the message specifying amount of the transaction upon
which the relying party intends to rely; and

sending electronic signals representing the message to a
reliance server requesting a guarantee for the amount of the transaction
upon which the relying party intends to rely.



28. A method as in claim 17 further comprising the steps
of, the relying party:

receiving electronic signals representing a voucher from the
reliance server in response to the step of sending the message; and

continuing the transaction with the subscriber based on
information in the voucher.



29. A method of managing reliance in an electronic
transaction system in which subscribers have digital time-based
certificates issued by certification authorities, the method comprising the
steps of, by a reliance server:

receiving electronic signals representing a reliance request
message from a party, the message specifying an amount of a transaction
upon which the party intends to rely and requesting a guarantee for the
amount of the transaction, the message including certificate information
derived from the transaction;

determining whether to provide a guarantee for the amount
of the transaction; and

sending electronic signals representing a voucher to the
relying party, the voucher including an indication of whether the
reliance server guarantees the amount of the transaction.



30. A method as in claim 29 wherein the
determining further comprises the step of:

determining whether certificates associated with the
transaction have been revoked or suspended.



31. A method as in claim 30 further comprising the steps
of:

receiving from the certification authority electronic signals
representing an actual reliance limit for a certificate;

storing the actual reliance limit; and

determining whether the requested amount would exceed the
actual reliance limit.


32. A method as in claim 31 further comprising the step of
maintaining a cumulative liability for a certification authority.



33. A method of managing reliance in an electronic 
transaction system, the method comprising the steps of, by a
certification authority:

issuing electronic signals representing a time-based
certificate to a subscriber, the certificate specifying a stated reliance
limit; and

forwarding to a reliance server electronic signals
representing an actual reliance limit for the certificate, the actual reliance
limit being different from the stated reliance limit.



34. A method of managing reliance in an electronic
transaction system in which subscribers have digital certificates, the
method comprising the steps of, by a relying party:

receiving electronic signals representing a transaction from a
subscriber, the transaction including information regarding at least one
certificate of that subscriber;

creating electronic signals representing a message based on
certificate information from the transaction, the message specifying an
aspect of the transaction upon which the relying party intends to rely;
and

sending the electronic signals representing the message to a
reliance server requesting a guarantee for the aspect of the transaction
upon which the relying party intends to rely.

35. A method as in claim 34 further comprising the steps 
of, the relying party:

receiving electronic signals representing a reply receipt from
the reliance server in response to the step of sending the message; and

continuing the transaction with the subscriber based on
information in the reply receipt.

36. A method as in claim 34 wherein some of the
subscriber's certificates have associated fees, the method further
comprising the step of, the reliance server:

ascertaining a fee for its services based on the fees of
certificates associated with the transaction.

37. A method as in claim 36 wherein the fees include 

usage fees, guarantee fees and lookup fees. 

38. A method as in claim 35 wherein the message
requested certificate status checks and the reply receipt indicates
whether the certificate status checks were acceptable.

39. A method as in claim 35, wherein the receipt indicates 
whether the reliance server guarantees the aspect of the transaction upon 
which the relying party intends to rely.



40. A method as in claim 34 wherein the aspect of the
transaction upon which the relying party intends to rely specifies a
monetary value and the receipt indicates whether the reliance server
guarantees the transaction for that monetary value.




41. A method as in claim 40 wherein the reliance server
bases its guarantee on information specified in a certificate associated
with the transaction.

42. A method of managing reliance in an electronic
transaction system in which subscribers have digital certificates, the
method comprising the steps of, by a reliance server:

receiving electronic signals representing a message from a
party thereby requesting a guarantee for an aspect of the transaction, the
message including certificate information derived from the transaction;

validating information in the message to determine whether
to provide the guarantee for the aspect of the transaction; and

sending electronic signals representing a reply receipt to the
relying party, the reply receipt including an indication of whether the
reliance server guarantees the aspect of the transaction.



43. A method as in claim 42 wherein the step of validating
further comprises the step of

determining whether certificates associated with the
transaction have been revoked or suspended.



44. A method as in claim 43, wherein the certificate
information included in the message includes unique identifiers for
certificates associated with the transaction, and wherein the step of
determining comprises the step of:

looking up unique certificate identifiers on certificate
revocation lists.

45. A method as in claim 43, wherein the step of
determining is performed based on previously obtained information
about certificates.



46. A method as in claim 43 wherein the aspect of the
transaction for which a guarantee is requested is a monetary reliance
value, and wherein at least one certificate associated with the transaction
specifies a monetary limit, the step of validating further comprising the
steps of:

determining whether the monetary reliance value is within
the monetary limit specified in the certificate.

47. A method as in claim 46, wherein the step of
determining further comprising the steps of:

obtaining a value of a current cumulative monetary liability
for the certificate;

determining whether the sum of the monetary reliance value
and the current cumulative monetary liability would exceed the specified
monetary limit; and, based on the determining,

updating the current cumulative monetary liability.



48. A method of managing reliance in an electronic
transaction system, the method comprising the steps of:

a certification authority issuing electronic signals
representing a time-based certificate to a subscriber;

forwarding, from the certification authority, electronic
signals representing information about the certificate to a reliance server,
the information including a unique identifier for the certificate and an
actual reliance limit for the certificate;

the subscriber forming electronic signals representing a
transaction based on the certificate and forwarding the transaction to a
relying party;

the relying party sending electronic signals representing a
reliance request message to the reliance server concerning the
transaction;

the reliance server checking information in the reliance
request message, and, based on the checking,

issuing electronic signals representing a transactional
certificate as a voucher to the relying party.


49. A method as in claim 48 wherein the time-based
certificate includes a stated reliance limit which is zero.



50. A method as in claim 48 wherein the certificate states
that reliance on the certificate can only be made if the certificate is
checked with a reliance server.

51. A method as in claim 50 wherein the certificate
specifies the reliance server.



52. A method as in claim 50 further comprising the step of
the reliance server digitally signing the transactional certificate.



53. A method as in claim 5[?] further comprising the steps
of, by the reliance server:

forwarding the electronic signals representing the
transactional certificate to at least one other party;

receiving the electronic signals representing the transactional
certificate from another party; and

digitally signing the transactional certificate.


54. A method as in claim 53 further comprising the step of
the other party digitally signing the transactional certificate.



55. A method as in claim 48 wherein the reliance request
message specifies an amount of the transaction upon which the relying
party intends to rely.
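
The reliance-server checks recited in claims 42 to 47 (revocation lookup by unique certificate identifier, the monetary limit test, and the cumulative liability update), sketched as an added Python example; it is not code from the patent. The class and field names, the sample identifiers, and the choice to charge the amount against every certificate named in the request are assumptions.

```python
import threading
from dataclasses import dataclass, field
from decimal import Decimal, InvalidOperation


@dataclass
class CertRecord:
    """What the CA forwarded for one certificate (hypothetical layout)."""
    actual_limit: Decimal
    cumulative_liability: Decimal = Decimal("0")


@dataclass(frozen=True)
class Receipt:
    guaranteed: bool
    reason: str


@dataclass
class RelianceServer:
    certs: dict = field(default_factory=dict)   # unique cert id -> CertRecord
    revoked: set = field(default_factory=set)   # ids found on revocation lists
    _lock: threading.Lock = field(default_factory=threading.Lock, repr=False)

    def request_guarantee(self, cert_ids, amount) -> Receipt:
        try:
            amount = Decimal(str(amount))
        except InvalidOperation:
            return Receipt(False, "malformed amount")
        if not amount.is_finite() or amount <= 0:
            return Receipt(False, "malformed amount")
        ids = list(dict.fromkeys(cert_ids))     # drop duplicates, keep order
        if not ids:
            return Receipt(False, "no certificates named")
        # The limit check and the liability update run under one lock, so two
        # concurrent requests cannot both pass the check and overshoot.
        with self._lock:
            records = []
            for cid in ids:
                rec = self.certs.get(cid)
                if rec is None:
                    return Receipt(False, f"unknown certificate {cid}")
                if cid in self.revoked:
                    return Receipt(False, f"{cid} revoked or suspended")
                if rec.cumulative_liability + amount > rec.actual_limit:
                    return Receipt(False, f"limit exceeded for {cid}")
                records.append(rec)
            for rec in records:                 # every check passed: commit
                rec.cumulative_liability += amount
        return Receipt(True, "guaranteed")


def demo():
    # Constructed sample data, not taken from the patent.
    rs = RelianceServer(
        certs={"cert-001": CertRecord(Decimal("1000")),
               "cert-002": CertRecord(Decimal("500"))},
        revoked={"cert-002"},
    )
    results = [
        rs.request_guarantee(["cert-001"], "600").guaranteed,  # within limit
        rs.request_guarantee(["cert-001"], "600").guaranteed,  # 1200 > 1000
        rs.request_guarantee(["cert-001"], "400").guaranteed,  # reaches limit
        rs.request_guarantee(["cert-002"], "1").guaranteed,    # revoked
    ]
    return results, rs.certs["cert-001"].cumulative_liability
```

A refused request leaves the stored liability unchanged, so a relying party cannot consume a subscriber's limit with requests that are never guaranteed.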